On 05-Jan-00 Thomas Klausner wrote:
>#GAMES_USER=
># Used by games packages as the userid they run as. Preferably games
># (which is default), since some games are setuid.
># Possible: any
># Default: games
>
> In which file should the following default lines be added?
> GAMES_USER?=    games
> GAMES_GROUP?=   games
> 

This seems all wrong to me.  It seems like all binaries should be owned by bin
or root, all levels and whatnot should as well.  Scorefiles, when needed,
should be games:games 664.

I cannot imagine a case where a game would have to be setuid.. unless it was
root, and in that case.. the pkg system should never install it like that.

Games that need to meddle with levels and scorefiles should be 2755 bin:games.

I really don't think users should be encouraged to muck with this stuff..  it
reeks of a security hole.  IMHO those values should be hardcoded.. not a
settable option that an unwary user could accidentally open a security hole on
his system with.

---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
NetBSD Mailing lists on the web: http://mail-index.netbsd.org/